lol

Author: swaroopAkkineniWorkos

src/workos/types/authorization/organization_membership.py

@@ -10,7 +10,9 @@ class AuthorizationOrganizationMembership(WorkOSModel):
     """Representation of an Organization Membership returned by Authorization endpoints.
 
     This is a separate type from the user_management OrganizationMembership because
-    authorization endpoints return memberships without the `role` field.
+    authorization endpoints return memberships without the ``role`` field and include
+    ``organization_name``. Additionally, ``custom_attributes`` is optional here as
+    authorization endpoints may omit it.
     """
 
     object: Literal["organization_membership"]

…/authorization/authorization_resource.py …c/workos/types/authorization/resource.pysrc/workos/types/authorization/authorization_resource.py renamed to src/workos/types/authorization/resource.py src/workos/types/authorization/authorization_resource.py renamed to src/workos/types/authorization/resource.py

@@ -1,9 +1,10 @@
-from typing import Any, Literal, Mapping, Optional
+from typing import Literal, Optional
 
 from workos.types.workos_model import WorkOSModel
 
 
-class AuthorizationResource(WorkOSModel):
+class Resource(WorkOSModel):
+    """Representation of an Authorization Resource."""
 
     object: Literal["authorization_resource"]
     id: str

src/workos/types/authorization/role_assignment.py

@@ -4,19 +4,16 @@
 
 
 class RoleAssignmentRole(WorkOSModel):
-
     slug: str
 
 
 class RoleAssignmentResource(WorkOSModel):
-
     id: str
     external_id: str
     resource_type_slug: str
 
 
 class RoleAssignment(WorkOSModel):
-
     object: Literal["role_assignment"]
     id: str
     role: RoleAssignmentRole

src/workos/utils/_base_http_client.py

@@ -134,7 +134,7 @@ def _prepare_request(
             method Optional[str]: One of the supported methods as defined by the REQUEST_METHOD_X constants
             params Optional[dict]: Query params or body payload to be added to the request
             headers Optional[dict]: Custom headers to be added to the request
-            token Optional[str]: Bearer token
+            exclude_default_auth_headers (bool): If True, excludes default auth headers from the request
             force_include_body (bool): If True, allows sending a body in a bodyless request (used for DELETE requests)
 
         Returns:

src/workos/utils/http_client.py

@@ -117,14 +117,18 @@ def delete_with_body(
         self,
         path: str,
         json: JsonType = None,
+        params: ParamsType = None,
         headers: HeadersType = None,
+        exclude_default_auth_headers: bool = False,
     ) -> ResponseJson:
         """Executes a DELETE request with a JSON body against the WorkOS API."""
         prepared_request_parameters = self._prepare_request(
             path=path,
             method=REQUEST_METHOD_DELETE,
             json=json,
+            params=params,
             headers=headers,
+            exclude_default_auth_headers=exclude_default_auth_headers,
             force_include_body=True,
         )
         response = self._client.request(**prepared_request_parameters)
@@ -231,14 +235,18 @@ async def delete_with_body(
         self,
         path: str,
         json: JsonType = None,
+        params: ParamsType = None,
         headers: HeadersType = None,
+        exclude_default_auth_headers: bool = False,
     ) -> ResponseJson:
         """Executes a DELETE request with a JSON body against the WorkOS API."""
         prepared_request_parameters = self._prepare_request(
             path=path,
             method=REQUEST_METHOD_DELETE,
             json=json,
+            params=params,
             headers=headers,
+            exclude_default_auth_headers=exclude_default_auth_headers,
             force_include_body=True,
         )
         response = await self._client.request(**prepared_request_parameters)

tests/test_async_http_client.py

@@ -326,3 +326,40 @@ async def test_request_removes_none_json_values(
             json={"organization_id": None, "test": "value"},
         )
         assert request_kwargs["json"] == {"test": "value"}
+
+    async def test_delete_with_body_sends_json(
+        self, capture_and_mock_http_client_request
+    ):
+        request_kwargs = capture_and_mock_http_client_request(self.http_client, {}, 200)
+
+        await self.http_client.delete_with_body(
+            path="/test",
+            json={"resource_id": "res_01ABC"},
+        )
+
+        assert request_kwargs["method"] == "delete"
+        assert request_kwargs["json"] == {"resource_id": "res_01ABC"}
+
+    async def test_delete_with_body_sends_params(
+        self, capture_and_mock_http_client_request
+    ):
+        request_kwargs = capture_and_mock_http_client_request(self.http_client, {}, 200)
+
+        await self.http_client.delete_with_body(
+            path="/test",
+            json={"resource_id": "res_01ABC"},
+            params={"org_id": "org_01ABC"},
+        )
+
+        assert request_kwargs["params"] == {"org_id": "org_01ABC"}
+        assert request_kwargs["json"] == {"resource_id": "res_01ABC"}
+
+    async def test_delete_without_body_raises_value_error(self):
+        with pytest.raises(
+            ValueError, match="Cannot send a body with a delete request"
+        ):
+            await self.http_client.request(
+                path="/test",
+                method="delete",
+                json={"should": "fail"},
+            )

tests/test_authorization_types.py

@@ -0,0 +1,144 @@
+"""Tests for new authorization types: Resource, RoleAssignment, AccessEvaluation,
+AuthorizationOrganizationMembership."""
+
+from workos.types.authorization import (
+    AccessEvaluation,
+    AuthorizationOrganizationMembership,
+    Resource,
+    RoleAssignment,
+    RoleAssignmentResource,
+    RoleAssignmentRole,
+)
+
+
+class TestAccessEvaluation:
+    def test_authorized_true(self):
+        result = AccessEvaluation(authorized=True)
+        assert result.authorized is True
+
+    def test_authorized_false(self):
+        result = AccessEvaluation(authorized=False)
+        assert result.authorized is False
+
+    def test_from_dict(self):
+        result = AccessEvaluation.model_validate({"authorized": True})
+        assert result.authorized is True
+
+
+class TestResource:
+    def test_resource_deserialization(self):
+        data = {
+            "object": "authorization_resource",
+            "id": "res_01ABC",
+            "external_id": "ext_123",
+            "name": "Test Document",
+            "resource_type_slug": "document",
+            "organization_id": "org_01EHT88Z8J8795GZNQ4ZP1J81T",
+            "created_at": "2024-01-01T00:00:00Z",
+            "updated_at": "2024-01-01T00:00:00Z",
+        }
+        resource = Resource.model_validate(data)
+
+        assert resource.object == "authorization_resource"
+        assert resource.id == "res_01ABC"
+        assert resource.external_id == "ext_123"
+        assert resource.name == "Test Document"
+        assert resource.resource_type_slug == "document"
+        assert resource.organization_id == "org_01EHT88Z8J8795GZNQ4ZP1J81T"
+        assert resource.description is None
+        assert resource.parent_resource_id is None
+
+    def test_resource_with_optional_fields(self):
+        data = {
+            "object": "authorization_resource",
+            "id": "res_01ABC",
+            "external_id": "ext_123",
+            "name": "Test Document",
+            "description": "A test document resource",
+            "resource_type_slug": "document",
+            "organization_id": "org_01EHT88Z8J8795GZNQ4ZP1J81T",
+            "parent_resource_id": "res_01PARENT",
+            "created_at": "2024-01-01T00:00:00Z",
+            "updated_at": "2024-01-01T00:00:00Z",
+        }
+        resource = Resource.model_validate(data)
+
+        assert resource.description == "A test document resource"
+        assert resource.parent_resource_id == "res_01PARENT"
+
+
+class TestRoleAssignment:
+    def test_role_assignment_deserialization(self):
+        data = {
+            "object": "role_assignment",
+            "id": "ra_01ABC",
+            "role": {"slug": "admin"},
+            "resource": {
+                "id": "res_01ABC",
+                "external_id": "ext_123",
+                "resource_type_slug": "document",
+            },
+            "created_at": "2024-01-01T00:00:00Z",
+            "updated_at": "2024-01-01T00:00:00Z",
+        }
+        assignment = RoleAssignment.model_validate(data)
+
+        assert assignment.object == "role_assignment"
+        assert assignment.id == "ra_01ABC"
+        assert assignment.role.slug == "admin"
+        assert assignment.resource.id == "res_01ABC"
+        assert assignment.resource.external_id == "ext_123"
+        assert assignment.resource.resource_type_slug == "document"
+
+    def test_role_assignment_role(self):
+        role = RoleAssignmentRole(slug="editor")
+        assert role.slug == "editor"
+
+    def test_role_assignment_resource(self):
+        resource = RoleAssignmentResource(
+            id="res_01ABC",
+            external_id="ext_123",
+            resource_type_slug="document",
+        )
+        assert resource.id == "res_01ABC"
+        assert resource.external_id == "ext_123"
+        assert resource.resource_type_slug == "document"
+
+
+class TestAuthorizationOrganizationMembership:
+    def test_membership_deserialization(self):
+        data = {
+            "object": "organization_membership",
+            "id": "om_01ABC",
+            "user_id": "user_01ABC",
+            "organization_id": "org_01ABC",
+            "organization_name": "Test Org",
+            "status": "active",
+            "created_at": "2024-01-01T00:00:00Z",
+            "updated_at": "2024-01-01T00:00:00Z",
+        }
+        membership = AuthorizationOrganizationMembership.model_validate(data)
+
+        assert membership.object == "organization_membership"
+        assert membership.id == "om_01ABC"
+        assert membership.user_id == "user_01ABC"
+        assert membership.organization_id == "org_01ABC"
+        assert membership.organization_name == "Test Org"
+        assert membership.status == "active"
+        assert membership.custom_attributes is None
+
+    def test_membership_with_custom_attributes(self):
+        data = {
+            "object": "organization_membership",
+            "id": "om_01ABC",
+            "user_id": "user_01ABC",
+            "organization_id": "org_01ABC",
+            "organization_name": "Test Org",
+            "status": "active",
+            "custom_attributes": {"department": "Engineering"},
+            "created_at": "2024-01-01T00:00:00Z",
+            "updated_at": "2024-01-01T00:00:00Z",
+        }
+        membership = AuthorizationOrganizationMembership.model_validate(data)
+
+        assert membership.custom_attributes == {"department": "Engineering"}

tests/test_sync_http_client.py

@@ -372,3 +372,36 @@ def test_request_removes_none_json_values(
             json={"organization_id": None, "test": "value"},
         )
         assert request_kwargs["json"] == {"test": "value"}
+
+    def test_delete_with_body_sends_json(self, capture_and_mock_http_client_request):
+        request_kwargs = capture_and_mock_http_client_request(self.http_client, {}, 200)
+
+        self.http_client.delete_with_body(
+            path="/test",
+            json={"resource_id": "res_01ABC"},
+        )
+
+        assert request_kwargs["method"] == "delete"
+        assert request_kwargs["json"] == {"resource_id": "res_01ABC"}
+
+    def test_delete_with_body_sends_params(self, capture_and_mock_http_client_request):
+        request_kwargs = capture_and_mock_http_client_request(self.http_client, {}, 200)
+
+        self.http_client.delete_with_body(
+            path="/test",
+            json={"resource_id": "res_01ABC"},
+            params={"org_id": "org_01ABC"},
+        )
+
+        assert request_kwargs["params"] == {"org_id": "org_01ABC"}
+        assert request_kwargs["json"] == {"resource_id": "res_01ABC"}
+
+    def test_delete_without_body_raises_value_error(self):
+        with pytest.raises(
+            ValueError, match="Cannot send a body with a delete request"
+        ):
+            self.http_client.request(
+                path="/test",
+                method="delete",
+                json={"should": "fail"},
+            )

tests/utils/fixtures/mock_resource.py

@@ -0,0 +1,25 @@
+import datetime
+
+from workos.types.authorization.resource import Resource
+
+
+class MockResource(Resource):
+    def __init__(
+        self,
+        id: str = "res_01ABC",
+        external_id: str = "ext_123",
+        name: str = "Test Resource",
+        resource_type_slug: str = "document",
+        organization_id: str = "org_01EHT88Z8J8795GZNQ4ZP1J81T",
+    ):
+        now = datetime.datetime.now().isoformat()
+        super().__init__(
+            object="authorization_resource",
+            id=id,
+            external_id=external_id,
+            name=name,
+            resource_type_slug=resource_type_slug,
+            organization_id=organization_id,
+            created_at=now,
+            updated_at=now,
+        )

tests/utils/fixtures/mock_role_assignment.py

@@ -0,0 +1,31 @@
+import datetime
+
+from workos.types.authorization.role_assignment import (
+    RoleAssignment,
+    RoleAssignmentResource,
+    RoleAssignmentRole,
+)
+
+
+class MockRoleAssignment(RoleAssignment):
+    def __init__(
+        self,
+        id: str = "ra_01ABC",
+        role_slug: str = "admin",
+        resource_id: str = "res_01ABC",
+        resource_external_id: str = "ext_123",
+        resource_type_slug: str = "document",
+    ):
+        now = datetime.datetime.now().isoformat()
+        super().__init__(
+            object="role_assignment",
+            id=id,
+            role=RoleAssignmentRole(slug=role_slug),
+            resource=RoleAssignmentResource(
+                id=resource_id,
+                external_id=resource_external_id,
+                resource_type_slug=resource_type_slug,
+            ),
+            created_at=now,
+            updated_at=now,
+        )